Security

Security is a first-class citizen in APiGen. The framework provides a robust security module based on Spring Security.

Features

  • JWT Authentication: Stateless authentication using JSON Web Tokens.
  • OAuth2 / OIDC: Integration with Keycloak, Auth0, Google, etc.
  • Role-Based Access Control (RBAC): Fine-grained permissions.
  • API Keys: For machine-to-machine communication.
  • Rate Limiting: Protect your API from abuse.

Configuration

Enable security in your generation config:

```yaml
features:
  security:
    enabled: true
    provider: jwt # or oauth2
```

Endpoints

  • POST /api/auth/login: Exchange credentials for token.
  • POST /api/auth/refresh: Refresh access token.
  • POST /api/auth/register: Register new user (optional).

Released under the MIT License.